Logical Router Comprising Disaggregated Network Elements

ABSTRACT

A logical router includes disaggregated network elements that function as a single router and that are not coupled to a common backplane. The logical router includes spine elements and leaf elements implementing a network fabric with front panel ports being defined by leaf elements. Control plane elements program the spine units and leaf to function a logical router. The control plane may define operating system interfaces mapped to front panel ports of the leaf elements and referenced by tags associated with packets traversing the logical router. Redundancy and checkpoints may be implemented for a route database implemented by the control plane elements. The logical router may include a standalone fabric and may implement label tables that are used to label packets according to egress port and path through the fabric.

RELATED APPLICATION

This application claims the benefit of U.S. Provisional Application Ser.No. 62/771,407, filed Nov. 26, 2018 and entitled LOGICAL ROUTERCOMPRISING DISAGGREGATED NETWORK ELEMENTS, which is hereby incorporatedby reference in its entirety.

BACKGROUND

Data centers have become ever more common and complex. With thiscomplexity comes an increase in the complexity of the networks thatenable communication among the computers of a data center. Inparticular, there is a need to reduce simplify and enable theconfiguration of network routing capacity for a large number ofcomputers.

BRIEF DESCRIPTION OF THE FIGURES

In order that the advantages of the invention will be readilyunderstood, a more particular description of the invention brieflydescribed above will be rendered by reference to specific embodimentsillustrated in the appended drawings. Understanding that these drawingsdepict only typical embodiments of the invention and are not thereforeto be considered limiting of its scope, the invention will be describedand explained with additional specificity and detail through use of theaccompanying drawings, in which:

FIG. 1 is schematic block diagram of a logical router in accordance withan embodiment of the present invention;

FIG. 2 is a process flow diagram of a method for routing packets in thelogical router in accordance with an embodiment of the presentinvention;

FIG. 3 is a schematic block diagram of the logical router in combinationwith control plane elements in accordance with an embodiment of thepresent invention;

FIG. 4 is a schematic block diagram of the logical router in combinationwith control plane elements and a management LAN switch in accordancewith an embodiment of the present invention;

FIG. 5 is a schematic block diagram showing connection of the managementLAN switch to the logical router and control plane elements inaccordance with an embodiment of the present invention;

FIG. 6 is a schematic block diagram of components for programming andmanaging the logical router in accordance with an embodiment of thepresent invention;

FIG. 7 is a schematic block diagram illustrating the programming of thelogical router in accordance with an embodiment of the presentinvention;

FIG. 8 is a schematic block diagram illustrating the configuration ofinterfaces of the logical router in accordance with an embodiment of thepresent invention;

FIG. 9 is a process flow diagram of a method for configuring theinterfaces of the logical router in accordance with an embodiment of thepresent invention;

FIG. 10 is a schematic block diagram illustrating the routing of packetswith interface labels within the logical router in accordance with anembodiment of the present invention;

FIG. 11 is a schematic block diagram illustrating the routing of packetswith interface labels within the logical router in a reverse directionin accordance with an embodiment of the present invention;

FIGS. 12, 13, and 14 are schematic block diagrams illustrating theimplementation of redundancy and fail over among control elements of thelogical router in accordance with an embodiment of the presentinvention;

FIG. 15 is a schematic block diagram of a standalone logical router inaccordance with an embodiment of the present invention;

FIG. 16 is a schematic block diagram of the standalone logical router ofFIG. 15 including tables for labeling of packets from an ingress port toan egress port in accordance with an embodiment of the presentinvention;

FIG. 17 is a schematic block diagram of the standalone logical router ofFIG. 15 including tables for labeling of packets routed to a controllerin accordance with an embodiment of the present invention;

FIG. 18 is a process flow diagram of a method for bringing up thestandalone logical router in accordance with an embodiment of thepresent invention; and

FIG. 19 is a schematic block diagram of a computer system suitable forimplementing methods in accordance with embodiments of the presentinvention.

DETAILED DESCRIPTION

It will be readily understood that the components of the invention, asgenerally described and illustrated in the Figures herein, could bearranged and designed in a wide variety of different configurations.Thus, the following more detailed description of the embodiments of theinvention, as represented in the Figures, is not intended to limit thescope of the invention, as claimed, but is merely representative ofcertain examples of presently contemplated embodiments in accordancewith the invention. The presently described embodiments will be bestunderstood by reference to the drawings, wherein like parts aredesignated by like numerals throughout.

Embodiments in accordance with the invention may be embodied as anapparatus, method, or computer program product. Accordingly, theinvention may take the form of an entirely hardware embodiment, anentirely software embodiment (including firmware, resident software,micro-code, etc.), or an embodiment combining software and hardwareaspects that may all generally be referred to herein as a “module” or“system.” Furthermore, the invention may take the form of a computerprogram product embodied in any tangible medium of expression havingcomputer-usable program code embodied in the medium.

Any combination of one or more computer-usable or computer-readablemedia may be utilized. For example, a computer-readable medium mayinclude one or more of a portable computer diskette, a hard disk, arandom access memory (RAM) device, a read-only memory (ROM) device, anerasable programmable read-only memory (EPROM or Flash memory) device, aportable compact disc read-only memory (CDROM), an optical storagedevice, and a magnetic storage device. In selected embodiments, acomputer-readable medium may comprise any non-transitory medium that cancontain, store, communicate, propagate, or transport the program for useby or in connection with the instruction execution system, apparatus, ordevice.

Computer program code for carrying out operations of the invention maybe written in any combination of one or more programming languages,including an object-oriented programming language such as Java,Smalltalk, C++, or the like and conventional procedural programminglanguages, such as the “C” programming language or similar programminglanguages, and may also use descriptive or markup languages such asHTML, XML, JSON, and the like. The program code may execute entirely ona computer system as a stand-alone software package, on a stand-alonehardware unit, partly on a remote computer spaced some distance from thecomputer, or entirely on a remote computer or server. In the latterscenario, the remote computer may be connected to the computer throughany type of network, including a local area network (LAN) or a wide areanetwork (WAN), or the connection may be made to an external computer(for example, through the Internet using an Internet Service Provider).

The invention is described below with reference to flowchartillustrations and/or block diagrams of methods, apparatus (systems) andcomputer program products according to embodiments of the invention. Itwill be understood that each block of the flowchart illustrations and/orblock diagrams, and combinations of blocks in the flowchartillustrations and/or block diagrams, can be implemented by computerprogram instructions or code. These computer program instructions may beprovided to a processor of a general purpose computer, special purposecomputer, or other programmable data processing apparatus to produce amachine, such that the instructions, which execute via the processor ofthe computer or other programmable data processing apparatus, createmeans for implementing the functions/acts specified in the flowchartand/or block diagram block or blocks.

These computer program instructions may also be stored in anon-transitory computer-readable medium that can direct a computer orother programmable data processing apparatus to function in a particularmanner, such that the instructions stored in the computer-readablemedium produce an article of manufacture including instruction meanswhich implement the function/act specified in the flowchart and/or blockdiagram block or blocks.

The computer program instructions may also be loaded onto a computer orother programmable data processing apparatus to cause a series ofoperational steps to be performed on the computer or other programmableapparatus to produce a computer implemented process such that theinstructions which execute on the computer or other programmableapparatus provide processes for implementing the functions/actsspecified in the flowchart and/or block diagram block or blocks.

The systems and methods disclosed herein relate to logical routers forcomputer data routing systems. Specifically, the systems and methodsdescribed herein relate to a logical router “chassis” that is formedfrom a set of disaggregated network elements that are not necessarily inthe same chassis or coupled to the same backplane of a chassis. Thelogical router may include a single logical point of management andcontrol, with a distributed data plane. The logical router also includesa control plane offloaded to an external computing system in order toreduce network topology size. This also allows the control plane to bemigrated to a different computer system to take advantage of newergenerations of central processing units (CPUs). The disaggregatednetwork elements comprising the logical router may be implemented usingdedicated network components incorporated into the systems and methodsdisclosed herein. In the embodiments disclosed below, the networkelements include silicon devices such as the JERICHO 2 and the RAMONdeveloped by BROADCOM. These are exemplary only and other networkelements providing the basic network routing function of these devicesmay also be used in a like manner.

FIG. 1, illustrates an example architecture of a logical router 100. Asshown in FIG. 1, the logical router 100 is comprised of multiple spineelements 102, multiple leaf elements 104, and fabric interfaces 106 thatcouple each spine element 102 to one or more leaf elements 104. In theexamples below, the spine elements 102 are RAMON-class silicon devicesand the leaf elements 104 are a set of multiple JERICHO 2-class silicondevices. The fabric interfaces 106 of the devices 102, 104 may becoupled to one another by means of network cables, such as 10G or 100Gethernet cables, fiber optic cables, or other type of networkconnection.

In the logical router 100, each spine element 102 functions as a fabricelement of a self-routing fabric. This self-routing fabric implementsall associated routing protocols in silicon, including handling linkfailures without requiring any software assistance. Each fabric elementin the logical router is interfaced with one or more leaf elements 104via fabric interfaces, as shown in FIG. 1. A collection of leaf elements104 may be used to implement a cell-based fabric in which the collectionof leaf elements 104 splits data packets into cells. These cells aredistributed across the cell-based fabric and reassembled on egress fromthe one of the leaf elements 104. This implementation allows for moreefficient utilization of the fabric. Each leaf element 104 may be alsoconfigured with a network interface 108 that allows the leaf element 104to communicate with a network.

FIG. 2 illustrates an example method 200 that may be implemented usingthe logical router 100. In particular, the method 200 illustrates animplementation of end-to-end packet scheduling using the logical router100. The method 200 may be implemented by an external controller (seediscussion of control element 300 below) or by code executing on a leafelement 104, such as the leaf element 104 whose ingress port receivesthe packet being processed according to the method 200.

The method 200 may include queuing 202, by the logical router 100, adata packet on an ingress associated with the logical router 100, suchas on one of the leaf elements 104 on whose port the packet wasreceived. Next, the ingress sends 204 a queue request to the logicalrouter 100, such as a to a second leaf element 104 corresponding to thedestination address of the data packet. An egress (e.g., the second leafelement 104) associated with the logical router 100 responds with acredit grant. Finally, the ingress sends the packet to the egress, suchas over the fabric implemented by the spine elements 102.

Referring to FIG. 3, the logical router 100 as disclosed herein providesdesirable performance with respect to the following designconsiderations:

-   -   System throughput    -   Logical chassis provisioning    -   Chassis bootstrapping    -   Chassis scaling    -   System state scaling    -   Debugging and troubleshooting    -   Resiliency to account for fabric failure, software failure, and        component failure

In the embodiment of FIG. 3, the spine elements 102 are coupled to theleaf elements 104 to implement a one-stage Clos fabric. In particular,each leaf element 104 may be coupled to each spine element 102.

The system of FIG. 3 may have the following attributes provides a 48leaf element 104 interface scale with 480×400G or 1920×100G portsimplemented by the leaf units 104, which may be JERICHO 2 silicondevices. In an alternative scale, there may be 24 leaf elementsproviding 240×400G ports or 960×100G ports. For purposes of thisdisclosure, the notation “A×B” indicates A ports with a throughput of B.The configuration of FIG. 3 is for illustrative purposes and otherconfigurations of other devices may be used in a similar manner.

In the illustrated embodiment, there are 13 spine elements 102. Thespine elements 102 in the logical router architecture of FIG. 3 may eachinclude one or multiple elements, such as one or multiple RAMON-classelements. In some implementations, a spine profile (i.e., a compositionof a spine element 102) may include a single 24-port Ramon-classelement, and two 48-port Ramon class elements.

The logical router 100 of FIG. 3 also includes 48 leaf elements. Eachspine element 102 may be interfaced with each leaf element 104 usingcommunication links implementing the 400G QSFP-DD (quad smallform-factor pluggable connection double density) optical connectors and400G protocols. However, other connector types and protocols may beused. In some implementations, each leaf element 104 is comprised of asingle J2-class silicon device including 10×400 or 40×100 interfaces, aBROADWELL (8 core) CPU, and 32 GB of RAM (random access memory). Eachleaf element 104 may be configured with 40×100G interfaces forcommunicating with external networks.

In some implementations, the logical router 100 may be managed by one ormore control plane elements 300 that are implemented using computingsystems (see, e.g., the example computing system of FIG. 19 describedbelow). The control plane elements are computer systems that areexternal to the logical router (i.e. the leaf elements 104, spineelements 102, and interconnecting fabric among these components of thelogical router 100). Each control plane element 300 may be interfacedwith one or more leaf elements 104 using, for example, 10G communicationlinks. A control plane element 300 may function as a configuration agentthat performs the router state management in order to implement achassis abstraction model with the logical router 100 such that theseparate elements 102, 104 of the logical router function as a singlerouter as if in a common chassis and coupled to a common backplane.

Referring to FIG. 4, The logical router 100 may be managed by a singlepoint of management and control. A management LAN (local area network)switch 400 that performs all the management and control functions forthe logical router 100 and the associated control plane elements 300.The logical router 100 comprising the plurality of spine elements 102interfaced with a plurality of leaf elements 104 that are, in turn,interfaced with the control plane elements 300 may be managed by themanagement LAN switch 400. The management LAN switch 400 may beinterfaced with each of the spine elements 102, leaf elements 104, andcontrol plane elements 300.

Referring to FIG. 5, the LAN switch 400 may be interfaced with elementsof the logical router 100 in the illustrated manner. For example, a leafelement 104 a and a leaf element 104 b may each be independentlyinterfaced with a control plane element 300. Each of the leaf elements104 a, 104 b and the control plane element 300 is independentlyinterfaced with the management LAN switch 400. In some realizations,each of the interfaces with the management LAN switch is implemented viaa 2×10G link, though other connection types may also be used.

The interface between each leaf element 104 a, 104 b and the controlplane element 300 may be associated with an in-band network 500 and ahost packet path. On the other hand, each interface with the managementLAN switch 400 may be associated with an out-of-band (OOB) network 502.The management LAN switch 400 may communicate over the OOB network 502with the elements 104 a, 104 b, 300 to perform functions such asbootstrap/image download, system state distribution, and gatheringsystem statistics and similar data.

Referring to FIG. 6, the software associated with the logical router 100may include a route processor software 600, a router state database 602,and linecard software 604 (also referred to herein as linecard softwaremodule 604). In some implementations of the logical router 100, allsoftware is deployed and managed as containers. The route processorsoftware 600 may program the device on which it is loaded tobidirectionally share data about the system state and statistics withthe router state database 602. The router state database 602 may beprogrammed to bidirectionally share data about the system state andstatistics with the linecard software 604.

In some implementations, the route processor software 600 implementsfollowing functions or data structures:

-   -   System wide interface control (across the elements 102, 104 of        the logical router 100)    -   Routing protocols, ARP (address resolution protocol), IPv6 ND        (internet protocol v6 neighbor discovery)    -   Routing Information Base (RIB)    -   North bound APIs (application programming interfaces)    -   Configuration management    -   Datastore    -   Linux host path    -   Telemetry    -   Features—ACL (access control list), QoS (quality of service),        CoPP (control plane policing)    -   Virtual chassis management

In some realizations, the router state database 602 includes followingfunctions or data structures:

-   -   Router state    -   Statistics    -   Sharded    -   Replicated    -   Clustered

In some realizations, the linecard software 604 implements with thefollowing functions or data structures:

-   -   ASIC (application specific integrated circuits)/SDK (software        development kit) programming    -   Stats    -   Linecard offload (BFD (bidirectional forwarding detection), LLDP        (link layer discovery protocol), SFlow (sampled flow), etc.)

FIG. 7 depicts how the three software building blocks 600, 602, 604 areimplemented in an actual logical router realization. As shown in FIG. 7,a separate linecard software module 604 (i.e., instance of linecardsoftware 604) may be implemented in each spine element 102 and each leafelement 104. Each of the linecard software modules 604 communicates witha router state database 602 in a primary control plane element 300(“router state DB 602 a”). This primary control plane element 300 a mayalso execute an instance of the router processor software 600 (alsoreferred to herein as the route processor module 600). The primarycontrol plane element 300 a shares data with a first secondary controlplane element 300 a as shown in FIG. 7. The first secondary controlplane element 300 b shares data with a second secondary control planeelement 300 c as shown in FIG. 7. Each of the first secondary controlplane element 300 a and the second secondary control plane element 300 bincludes a router state database 602 b, 602 c, respectively, toimplement functions such as data redundancy. The first secondary controlplane element 300 b and second secondary control plane element 300 c mayeach serve as backups in the event of a failure of the primary controlplane element 300 a, as discussed herein.

The logical router 100 together with the control elements 300 andmanagement LAN switch 400 as described above with respect to FIGS. 1through 7 may be used in various operational scenarios described below.

FIG. 8 illustrates a scenario by which the logical router 100 generatesinterfaces. As seen in FIG. 8, a control plane element 300 running on aLINUX computing system includes an element state database 800 and aroute processor 600. Although LINUX computing systems are describedthroughout, other operating systems may also be used, such as othervariations of UNIX, MACOS, MICROSOFT WINDOWS, or other operating systemsknown in the art.

The element state database 800, which may be part of or equivalent tothe router state database 602, may be coupled to each spine element 102and leaf element 104 forming part of the logical router 100. The elementstate database 800 may store data associated with each spine element 102and leaf element 104, such as its configuration (ports, connections ofports to other elements 102, 104, 300, addresses of elements 102, 104,300, etc.). This information may be discovered by the control planeelement 300 using any of the fabric discovery techniques disclosedherein (e.g., LSoE, LLDP). The element state database 800 provides thisdata to the route processor. For each interface on each spine element102 and leaf element 104, the route processor 600 creates a uniqueinterface (swp1/1 . . . swp1/40, swp2/1 . . . swp2/40 . . . swp48/1 . .. swp48/40 in FIG. 8) on the route processor 600 itself, where thenotation swpA/B indicates the interface on port B of element A (i.e.,spine element 102 or leaf element 104). The unique interface may be aLinux interface. Where another type of operating system is used, anetwork interface according to that operating system may be created. Theroute processor may create all interface states for all of thedisaggregated elements 102, 104 of the logical router 100. A flowdiagram illustrating the creation of the unique interfaces is shown inFIG. 9.

Referring to FIG. 9, a control plane element 300 may execute theillustrated method 900. The method 900 includes the element statedatabase 800 of a control plane element 300 receiving 902 dataassociated with reach spine element 102 and leaf element 104 of alogical router 100. The element database 800 notifies 904 the routeprocessor 600 executing on the control plane element 300 about the datareceived at step 902. The route processor then creates 906 a uniqueinterface, such as a LINUX interface, for each spine element 102 andleaf element 104 referenced in the data received at step 902.

Once the interfaces have been created inside a LINUX (or other operatingsystem) instance on the control element 300 executing the routeprocessor 600, the actual interface on the front panel of the individualleaf elements 104 may then be ‘stitched’ to the created interfacescorresponding to them. One way to do this is to allocate a unique VLAN(virtual LAN) tag to each front panel interface on each of the leafelements 104, each VLAN tag being further mapped to one of theinterfaces created on the control element 300.

FIG. 10 illustrates an example of data packet routing using interfacescreated according to the method 900 and associated with interfaces ofleaf elements 104. The software running on the leaf elements 104 areceives a packet 1000 and programs a rule in the data path that looksup the ingress interface corresponding to the destination of the packet1000 and adds the corresponding VLAN tag to the packet to obtain apacket 1002 and forwards the packet 1002 to a leaf element 104 bconnected to the control plane element 300 along with a destinationidentifier identifying the egress port of the leaf element 104 b. Thepacket 1002 may be sent to the leaf element 104 b without performing aTTL (time to live) decrement. The packet 1002 is sent to the egress leafelement 104 b by way of one or more spine elements 102. As is apparentin FIG. 10, the packet 1002 may include information for routing thepacket 1002 through the fabric 106, e.g. “BCM Fabric Header, dest=2005”(BCM=BROADCOM).

The egress leaf 104 b forwards the packet 1002 to the control planeelement 300 upon receipt. The LINUX instance executing on the controlplane element 300 then identifies the interface 1004 referenced by theVLAN tag of the packet 1002, strips out the VLAN tag, and injects thestripped packet 1006 into the corresponding interface 1004. From thereon the packet 1006 flows through the Linux data path as usual and theapplications, such as the border gateway protocol (BGP) module 1008, seethat packet as coming in on the interface 1004.

FIG. 11 shows transit in the reverse direction relative to that shown inFIG. 10. The application 1008 injects a packet 1100 into the appropriateinterface 1004 according to the destination of the packet and routingdefined by the routing database 602. A data path, such as a LINUX datapath, may have been programmed to map each interface to a VLAN tag thatuniquely identifies the egress front panel interface for the destinationaddress of the packet.

In particular, the ingress leaf 104 b (connected to the control planeelement 300) receives the packet 1100 from the application 1008 andlooks up the VLAN tag for the appropriate egress leaf 104 a, i.e. theegress leaf to which the packet should be routed according to theprogramming according to the routing database 602 as described above.The ingress leaf 104 b tags the packet 1100 with the VLAN tag andforwards the tagged packet 1102 to the egress leaf 104 a through theelements 102, 104 of the logical router 100 (see packet 1104). Theegress leaf 104 a strips off the VLAN tag and forwards the strippedpacket 1106 out of the correct front panel port, i.e. the front panelport associated with the VLAN tag and corresponding to routingcorresponding to the destination of the packet and the programmingaccording to the routing database 602.

Referring to FIGS. 12, 13, and 14, the logical router 100 and controlplane elements 300 may be programmed to implement some or all of thefollowing functions:

-   -   Process-level restart    -   Route processor redundancy    -   Route state database redundancy    -   Fabric element, link failure

The examples of FIGS. 12, 13, and 14 and their corresponding discussionillustrate how an implementation including multiple control planeelements 300 may be used to provide a logical router 100 that is robustto failures.

FIG. 12 illustrates configurations of control plane elements 300 forimplementing a high-availability logical router 100. A three-nodecontrol plane element cluster includes control plane elements 300 a, 300b, 300 c as shown in FIG. 12. Control plane element 300 a a primarycontrol plane element that runs an instance 600 a of the route processor600 that is designated as a primary route processor 600 a. Control planeelement 300 b executes an instance 600 b of the route processor 600 thatis designated as a secondary route processor 600 b. Control planeelement 300 c does not execute an instance of the route processor 600 inthis example.

Each control plane element 300 a, 300 b, 300 c may include an individualrouter state database 602 a, 602 b, 602 c, respectively. Each of routeprocessor 600 a, 600 b runs health check diagnostics on the other routeprocessor 600 b, 600 a (600 b checks 600 a, 600 a checks 600 b). Theprimary route processor 600 a may be interfaced with each router statedatabase 602 a, 602 b, 602 c in each of the control plane elements 300a, 300 b, 300 c as shown in FIG. 12.

The router state database 602 a in the control plane element 300 ashares health check replication data with the router state database inthe control plane element 300 b. The router state database 602 b shareshealth check replication data with the router state database 602 c inthe control plane element 300 c. In this way, data associated with thehealth of the primary and secondary route processors 600 a, 600 b isredundantly stored over multiple databases 602 a, 602 b, 602 c.

In some implementations, the primary route processor 600 a checkpoints arequired state in the router state databases 602 a, 602 b, 602 c. Therouter state databases 602 a, 602 b, 602 c may be spawned on all clusternodes, as illustrated in FIG. 12. Furthermore, data shards of the routerstate databases 602 a, 602 b, 602 c may be replicated internally forredundancy, and each route processor 600 a, 600 b may perform internalhealth checks to detect failovers. In an event that a health check onthe primary route processor 600 a fails, the secondary route processorshown 600 b can become the primary route processor and take over thefunctions of the primary route processor 600 a, as shown in FIG. 13.

FIG. 13 illustrates the failure of the primary router 600 a and transferof primary status to the secondary route processor 600 b. As shown, thesecondary route processor 600 b establishes connections with each of therouter state databases 602 a, 602 b, and 602 c, and reads checkpointeddata to restore the system state (e.g., state of the secondary routeprocessor 600 b per the checkpoint and/or states of the elements 102,104 of the logical router 100. The secondary route processor 600 b thustakes over the role of the primary route processor 600 a. In this way,connections with neighboring control plane elements 300 a, 300 c may bereestablished, and a graceful restart may be initiated. For example, thefunction of the new primary route processor 600 a may continue asdescribed above with respect to the function of the route processor 600a once the system state has been restored.

Referring to FIG. 14, some implementations may also include a provisionto account for a failure of a primary control plane element 300 a. Anexample scenario where the master control plane element fails is shownin FIG. 14.

In the case of failure of the primary control plane element 300 a, thecontrol plane element 300 b hosting the secondary route processor 600 bmay assume the role of the master control plane element in response todetecting failure during one of its health checks on the primary routeprocessor 600 a. The route processor 600 b will then assume the role ofthe primary route processor and establishes connections with the healthyrouter state databases 602 b, 602 c as shown in FIG. 14. The route statedatabases 602 b, 602 c may be configured to internally handle any shardfailovers associated with the failure of the primary control planeelement 300 a.

The embodiment described above with respect to FIGS. 1 through 14 mayprovide the following functions and benefits:

-   -   A Clos based fabric based on existing silicon networking        devices, such as JERICHO 2 and RAMON-class devices.    -   Self-routing fabric    -   Cell based, efficient loadbalancing    -   End-to-end scheduling    -   Control plane runs on external server    -   Logical chassis management    -   Single-box look and feel    -   Scalable, redundant route state database    -   Resiliency at all levels

FIGS. 15 through 18 illustrate an alternative approach for implementinga logical router 100. The alternative approach includes a routedbackplane fabric that uses standalone switches as spine units for thebackplane. The backplane itself is based on a Clos fabric stitched viafront-panel ports. A routed backplane fabric is realized using thefollowing main components:

-   -   Layer 3 (L3) fabric ports    -   LSoE (link state over ethernet) for fabric neighbor discovery    -   Border Gateway Protocol shortest path first (BGP-SPF) control        plane for inter-unit IP reachability    -   BGP-SPF extensions for “switch-port” discovery    -   Multiprotocol Tunnel Switching (MPLS) tunnels setup to/from        remote “switch-ports”

Note that LSoE and BGP-SPF are standardized protocols leveraged in thisdesign to build a routed backplane for a disaggregated chassis basedlogical router 100. Design for such a routed backplane is discussed inmore detail below.

FIG. 15 illustrates the physical connectivity of a logical router 100implemented using a standalone backplane structure. In thisimplementation, a centralized controller 1500 is interfaced with N spineunits 1502 (SU-1 to SU-N). Each of the front panel ports of each spineunit 1502 may be designated as a fabric port. The system also includes Mline units 1504 (LU-N+1 to LU-N+M). The back panel ports of the lineunits 1504 may also be designated as fabric ports. The controller maylikewise implement fabric ports coupled to the spine units 1502. Each ofthe N spine units 1502 may be interfaced with each of the M line units1504 using the fabric ports of the spine units 1502 and the fabric portsof line units 1504. Furthermore, each of the M line units 1504 mayinclude X front panel ports, each of which is designated as a switchport. In FIG. 15, the following notation is used:

-   -   LU: line unit    -   SU: spine unit    -   N: number of spine units    -   M: number of line units    -   X: number of switch ports on each line unit    -   swpA/B: switch port number B on line unit A    -   fpA/B: fabric port number B on unit A (controller, spine unit,        or line unit number from 0 to N+M).

The embodiment of FIG. 15 may use the same Clos connectivity that isdescribed above with respect to FIGS. 1 through 14. The Closconnectivity may be used to distribute internal switch state resultingfrom user configuration and a routing control plane, as well as forruntime operational data that needs to flow across units 1502, 1504 inorder to implement the standalone backplane structure.

The backplane fabric implemented by the interconnections between thefabric ports of the spine units 1502 and the line units 1504 providesdata traffic packet transport across all line-units 1504 and controllers1500. An MPLS routed fabric may be used as a transport underlay acrossall line unit 1504 and controller fabric ports. The fabric may have someor all of the following properties:

-   -   Each line unit 1504 fabric-port is auto-configured as a layer-3        routed port in an internal fabric-VRF (virtual routing and        forwarding) with a private IP (internet protocol) address.    -   BGP-SPF is used as internal fabric routing protocol to establish        layer 3 reachability across all fabric ports within the        fabric-VRF.    -   Each line-unit 1504, spine-unit 1502, and controller node 1500        runs an instance of BGP-SPF routing protocol on its local fabric        ports.    -   LSoE is used as the discovery protocol to discover layer-3        fabric neighbors and corresponding encapsulations.    -   LSoE learned neighbors are pushed into BGP to bring-up BGP-SPF        sessions over directly connected layer-2 fabric ports.    -   BGP-SPF peering is established on each leaf-spine connection in        the fabric as a result.    -   Fabric topology is learned on each node and fabric-VRF IP        reachability is established to each routed fabric-port via        BGP-SPF computation.    -   An MPLS transport is setup further and is described in more        detail later in this document.

Most external facing control planes for the logical router 100 thatinclude external BGP peerings, IGP (interior gateway protocol) routingprotocols, ARP, and ND (neighbor discovery) may be hosted on thecontroller node 1500. In other words, besides the backplane fabriccontrol plane that is distributed across all nodes 1500, 1502, 1504,most logical router control plane functions may be centralized on thecontroller node 1500. The illustrated architecture will however allowspecific functions (such as BFD (bidirectional forwarding detection),LLDP (link layer discovery protocol), VRRP (virtual router redundancyprotocol), and LSoE) to be distributed across line units 1504 as needed.Data paths of the units 1502, 1504 may be accordingly programmed to sendlocally bound packets to either the local CPU (for distributedfunctions) or to send them to controller node 1500 (to implement thecentralized control plane).

The centralized logical router control plane running on the controllernode 1500 drives programming of a data-plane that is distributed acrossthe line units 1504. A one-stage forwarding model is defined as one inwhich (a) all layer 3 route look-ups are done on the ingress line-units1504 and (b) resulting rewrites and egress port are resolved on ingressline-unit 1504. All resulting encapsulation rewrites are put on thepacket and packet is sent to egress line-unit 1504 over the backplanetransport fabric with the resulting egress port information. All packetediting happens on the ingress line-unit 1504. Egress line unit 1504simply forwards the packet on the egress port 1504. A one-stageforwarding model, as defined above is simulated across standaloneline-units 1504 in this logical router 100 to accomplish layer-3forwarding across line-units:

-   -   L1 rewrites are resolved and written on the ingress line unit        (LU) 1504    -   Packets are tunneled to egress-LU 1504 over MPLS tunnel    -   MPLS label resolves egress-port on the egress-LU 1504

In some embodiments, all line unit 1504 front panel ports (except forports designated as fabric-ports) are designated as externalswitch-ports as noted above. Each of these switch-ports would berepresented as an interface in the logical router 100. All logicalrouter interfaces would be represented in a data plane, a control plane,and a management plane on the controller 1500, as well as in a dataplane on all line-units 1504. For example, an interface “swp3/2”representing port 2 on line-unit 3 would be programmed in the data planeon all the line-units 1504. It would also be visible in the managementplane hosted on the controller node 1500 and in the routing controlplane hosted on the controller 1500.

In some embodiments, all router interfaces, including ones on remoteline units 1504 are programmed in the data plane on each line unit 1504in order to accomplish one-stage forwarding across line units 1504 asdefined above. A local interface on a line unit 1504 simply resolves toa local port. However, a remote interface on a line unit 1504 isprogrammed in the data plane such that a packet egressing this remoteinterface is sent to the remote line unit 1504 to be egressed out of thecorresponding router port on the remote line unit 1504. An underlayfabric transport tunnel is setup to stitch the data path to the egressline unit 1504 for this purpose and an overlay encapsulation may be usedto identify the router port on the egress line unit 1504.

There are a couple of choices with respect to transport tunnel andoverlay encapsulation that may be used for this purpose:

-   -   A pure IP fabric transport (IP tunnel) and VXLAN (virtual        extensible LAN) overlay encapsulation (such as a virtual network        identifier (VNID)) to identify the egress port    -   An MPLS fabric transport (such as label switched path (LSP)) and        a MPLS overlay internal-label to identify the egress port

An MPLS transport and overlay may be used in this architecture. However,overall architecture does not preclude using an IP transport with aVXLAN tunnel to accomplish the same.

In order to improve or optimize the number of internal labelencapsulations put on the packet, both the transport label and theinterface label may be collapsed into a single label that bothidentifies a physical port and provides a transport LSP to or from theline unit 1504 hosting the physical interface. This overlay labelidentifies the egress interface for egress traffic switched towards theegress line unit 1504 (e.g., egress line card) and interface, as well asidentifying an ingress interface for ingress traffic on the interfacethat needs to be punted to the controller 1500 that hosts routingprotocols running on that interface. Two internal label allocations maybe defined for this purpose:

-   -   egress-label allocated per-local-(LC, port), used to tunnel from        ingress-LU to remote-egress-port, identifies egress-port for        switched traffic    -   ingress-label allocated per-(controller, port), used to tunnel        from ingress-LU to controller, identifies ingress-port for host        destined traffic

Each of the above label contexts may be globally scoped across all nodes1500, 1502, 1504 within the logical router 100 and identify both thephysical port as well as a directed LSP. The above label allocationscheme essentially results in two global labels being allocated for eachrouter-port within the logical router 100. MPLS labels may be staticallyreserved and assigned for this purpose on switch-port interfacediscovery and these reserved labels would not available for external usein some embodiments.

A globally scoped label (across all logical router nodes 1500, 1502,1504) that is allocated for each local router port of each line unit1504 identifies both the egress router-port as well as a transport LSPfrom ingress line-unit to the egress line-unit that hosts the physicalport. This label is programmed on logical router nodes 1500, 1502, 15014as follows:

-   -   On the ingress line-unit 1504, this label is part of the tunnel        encapsulation result to be rewritten on the packet to egress out        of a remote interface.    -   On the spine-unit 1502, this label switches to egress line unit        fabric-next-hop rewrite with the same egress label.    -   On the egress line-unit, this label simply points to the egress        interface (with no packet rewrite.

This process is illustrated in FIG. 16. The following notation is usedin FIG. 16:

-   -   L(e, x, y): egress label for switch port x on LU-y    -   L(I,x,y): ingress label for switch port x on LU-Y    -   MAC-x: router MAC (machine access code) of unit X

A packet may be received by an ingress line unit 1504 (LU-(N+M)). Uponexiting the ingress line unit LU-(N+M), the packet is labeled accordingto the illustrated label table 1600, which includes the egress interface(“[12.1.1.2,swp(N+2)/1]->MAC-A”) as well as the transport LSP, i.e.tunnel path, to the egress interface (“MAC-A->L(e,x,y)+MAC-1, port:fp(N+M)/1->L(e,x,y)+MAC-N, port: fp(N+M)/N”). The packet is sent to aspine unit 1502 (SU-N). The spine unit SU-N rewrites the packetaccording to the label table 1602 that includes the fabric-next-hoprewrite (“L(e,x,y)->MAC-N+2, port:fpN/2”) and the egress label. Thespine unit SU-N forwards the rewritten packet to the egress line unit1504 (LU(N+2)), which transforms the label of the packet according tothe table 1604 that simply points to the egress interface(L(e,x,y)->swp(N+2)/1).

Referring to FIG. 17, a globally scoped label (across all logical routernodes 1500, 1502, 1504) may be allocated per-(controller, router-port)and identifies both the ingress router-port as well as a transport LSPfrom ingress line-unit to the controller card. This label is programmedon logical router nodes as follows:

-   -   On the ingress line unit 1504, this label is part of the tunnel        encapsulation result to be rewritten on the packet for packet        punted to the controller (see table 1700 of FIG. 17 on line unit        LU-(N+M)    -   On the spine unit 1502, this label simply switches to controller        fabric-next-hop rewrite with the same egress label (see table        1702 on spine unit SU-N)    -   On the controller 1500, this label identifies the ingress        interface in the host stack (see table 1704)

Punted packets need to be injected into the LINUX kernel making it lookas if they arrived on the Linux interface corresponding to the frontpanel port the packet arrived on. On a standalone system, the host pathruns in the LINUX Kernel running on the local CPU of the switch, i.e.line unit 1504, which would be the line unit LU-(N+M) in the example ofFIG. 17. An ASIC on the line unit 1504 adds a system header thatindicates which ingress interface the packet arrived on. A BCM Knetmodule in the kernel then maps the hardware ingress interface to theLINUX interface and injects the packet into the LINUX data path.

In the illustrated architecture, the host data path runs in multipleplaces. On the line unit 1504, packets may need to be punted to the BGPLSVR (link state vector routing) instance running on that line unit1504. If the packet is destined to a control plane protocol instancerunning on the controller 1500, then the line unit 1504 needs to be ableto deliver the packet to the controller. Since there is no system headerin this path, the ingress interface needs to be identified andencapsulated within the packet itself.

As mentioned in the earlier sections, this is achieved using a uniquelabel that identifies the ingress interface. An ACL rule can be used tomatch on the ingress interface and supply the corresponding label andthe subsequent forwarding chain. However, this result needs to be usedonly when the packet really needs to be sent to the controller 1500. Inother cases, the forwarding lookup should drive the encapsulations.

FIG. 18 illustrates an approach for bringing up the standalone backplanefabric according to the approach of FIGS. 15 through 17. Bringing up thebackplane fabric and programming happens automatically on boot-upwithout any explicit user configuration or intervention such that:

-   -   layer-3 (L3) backplane reachability is established across all        layer-3 enabled fabric ports within a fabric-VRF    -   overlay transport tunnels are setup to/from all router-ports        across all logical router components: line units 1504, spine        units 1502, and controller 1500.

As shown in FIG. 18, a method 1800 for bringing up the backplane fabricmay include downloading 1802 fabric configuration to each unit 1500,1502, 1504 being managed. This may include IP addressing, card roles,port roles, and port-MPLS labels. The method 1800 further includesbringing up 1804 L3 addressing on the fabric ports of each unit 1500,1502, 1504. The method 1800 may further include bringing up 1806 LSoE onfabric ports, which includes discovering fabric neighbors and pushingeach unit's 1500, 1502, 1504 neighbor database acquired in this mannerto a BGP-LSVR on the controller 1500. The method 1800 may furtherinclude performing 1808, by a BGP-SPF instance on each unit 1500, 1502,1504: bringing up peerings, learning fabric topology, and installingfabric IP routes in the fabric VRF

Auto-bring-up of layer-3 backplane fabric may be orchestrated accordingto the explanation below in which R0 refers to the controller 1500.

Auto-Configure R0 with a Startup Config:

Assume R0 has been imaged and management Ethernet (mal) is up andaddressed. R0 reads a start-up configuration file (packaged with theimage) that has the following:

-   -   The topology: spine-units, line-units    -   Private addressing for its southbound fabric interfaces    -   MPLS labels for overlay interface tunnels    -   Management IP address pool for line-unit mals    -   ZTP (zero touch provisioning)/start-up config for line-units and        spine-units

Bring-Up Line-Units:

R0 brings its southbound fabric interfaces up (spine units 1502 and lineunits 1504 in the topology of FIGS. 15 through 8) with addressing fromthe start-up configuration file.

R0 runs dhcpd (dynamic host configuration protocol daeomon) so lineunits' 1504 and spine units' 1502 management ethernets mals can getaddresses from a pool given in the startup configuration file. The linecard numbers for the units 1502, 1504 are assumed to be the R0 port towhich they are wired. R0 runs a ZTP service to the units 1502, 1504.

Push Startup Configuration to Line-Units:

R0 pushes startup configuration to the line units 1504 and spine units1502. This configuration identifies a card role for each unit 1502,1504; identifies each local port as “fabric-port” or “router-port,”specifies northbound fabric interface addressing, and provides MPLSlabels for router-port overlay tunnels (two labels per port).

The units 1502, 1504 then run LSoE on fabric ports to make sure they arewired as expected from the startup configuration. LSoE discovers layer-3fabric neighbors and corresponding encapsulations. The database ofinformation learned by LSoE is exported into BGP-SPF, as per standardLSoE function.

BGP-SPF peering is established on each line unit-to-spine unit fabriclink. Fabric topology is learned on each unit 1502, 1504 and fabric-VRFIP reachability is established to each routed fabric-port via BGP-SPFcomputation. BGP-SPF programs each local line-unit/spine-unit RIBs(router information base) with fabric routes within the fabric-VRF. Atthis point, there is IP reachability across all fabric port IPaddresses.

Switch-Port Discovery and Tunnel Bring-Up:

Local router ports may be discovered on each line unit 1504. Discoveredrouter ports along with assigned MPLS labels are pushed into localBGP-LSVR instances on each line unit 1504. BGP-SPF may be enhancedfurther to be able to carry ports+labels independent of IP addressing.Accordingly, BGP-SPF may be configured to compute shortest path first(SPF) SPF to each “switch-port” in the logical router. BGP-SPF, may alsoincorporate these external switch-ports into its fabric-VRF topologyindependent of the user VRF that they are configured in. BGP on eachunit 1504 instantiates ingress/egress overlay MPLS tunnels for eachinterface that resolve via fabric-VRF next-hops. Tunnel reachability maybe resolved via fabric-VRF next-hops and tunnels may be programmed asdescribed earlier with assigned MPLS label on each unit 1504.

User configuration on R0 follows the bringing up of the backplane fabricand may be handled on the controller 1500. Switch state computed as aresult of this user configuration and control plane may be furtherdistributed for programming across some or all of the line units 1504.

Example Packet Paths

This section goes over how some common packet paths would work in thesystem using data path programming of the control node 1500 and units1502, 1504 described in earlier sections.

ARP Resolution

Glean Processing on a unit 1502, 1504 is performed by an ingress L3route lookup on destination IP address that resolves to an incompletenext-hop or subnet (glean) route that is programmed pointing to PUNTpath. The PUNT path is pre-programmed pointing toingress-interface-tunnel to the controller 1500. An ingress layer-2packet is encapsulated with ingress-interface-label+rewrite tofabric-spine-next-hop. The encapsulated packet is transmitted on thefabric port to one of the spine units 1502. The spine unit 1502terminates outer layer-2. An MPLS in-label lookup on the spine unit 1502points to ingress-interface-label+rewrite to fabric-controller-next-hop.This information is used to route the packet to the controller 1500. Thecontroller terminates outer layer-2. The controller 1500 is programmedto perform an MPLS in-label lookup action as POP (point of presence) andidentifies the ingress interface context. The controller performs an L3route lookup on the destination IP of the packet and resolves to anincomplete next-hop or subnet (glean) route. The controller 1500 thendelivers the packet using the next-hop or subnet route for ARPresolution with the ingress interface.

ARP Request

The controller 1500 generates a broadcast ARP request on the ingressL3-interface. The controller L3-interface resolves toegress-interface-tunnel port. The ARP packet of the broadcast ARPrequest is encapsulated with egress-interface-label+rewrite tofabric-spine-next-hop. The encapsulated packet is transmitted on thefabric port to one of the spine units 1502. The spine unit 1502terminates outer layer-2. An MPLS in-label lookup on the spine unit 1502points to egress-interface-label+rewrite to fabric-line-unit-next-hop.The encapsulated packet is transmitted on the fabric port to the egressline unit 1504 according to the MPLES in-label lookup. The egressline-unit 1504 terminates outer layer-2. The egress line unit 1504performs an MPLS in-label lookup, resulting in POP and forward on anegress interface of the egress line unit identified from the MPLSin-label look up.

ARP Reply

ARP reply packets may be programmed with a PUNT path to the controller1500. The PUNT path is pre-programmed and points to aningress-interface-tunnel to the controller 1500. An ingress L2 ARPpacket from a line unit 1504 may be encapsulated withingress-interface-label+rewrite to fabric-spine-next-hop according tothe PUNT path. The encapsulated packet is transmitted on the fabric portto one of the spine units 1502. The spine unit 1502 terminates the outerlayer-2. An MPLS in-label lookup on the spine unit 1502 points toingress-interface-label+rewrite to fabric-controller-next-hop. Thisinformation is used to forward the ARP packet to the controller 1500.

The controller 1500 terminates outer layer-2. The controller 1500performs an MPLS in-label lookup action and is programmed as POP. Thecontroller 1500 identifies the ingress interface context according tothe lookup action. The inner packet encapsulated in the packet from theline unit 1504 is identified as an ARP packet and delivered to ARPmodule executing on the controller 1500, which processes the ARP replyaccording to address resolution protocol (ARP).

Ingress LC->Egress LC Routed Packet Walk

The ingress line unit 1504 performs an ingress L3 route lookup ondestination IP of a packet and resolves to next-hop rewrite,L3-egress-interface, L2-egress-interface-tunnel-port. The packet isre-written with next-hop rewrite result from the route lookup and VLANediting derived from egress L3-interface and L2-port. The resultinglayer-2 packet is encapsulated with egress-interface-label+rewrite tofabric-spine-next-hop. The encapsulated packet is transmitted on thefabric port to one of the spine units 1504 according to thefabric-spine-next-hop. The spine unit 1504 receives the encapsulatedpacket, terminates the outer layer-2, and performs an MPLS in-labellookup that points to egress-interface-label+rewrite tofabric-egress-line-unit-next-hop. The spine unit 1504 transmits theencapsulated packet to the egress line unit 1504 referenced by thefabric-egress-line-unit-next hope. The egress line unit 1504 terminatesthe outer layer-2, performs an MPLS in-label lookup result to obtain POPand forwards the encapsulated packet on an egress interface of theegress line unit 1504 referenced by the encapsulated packet.

FIG. 19 is a block diagram illustrating an example computing device 1900which can be used to implement the system and methods disclosed herein,such as a control plane element 300, controller 1500, or the variouselements 102, 104, 1502, 1504 of the logical router 100.

Computing device 1900 may be used to perform various procedures, such asthose discussed herein. Computing device 1900 can function as a server,a client, or any other computing entity. Computing device can performvarious monitoring functions as discussed herein, and can execute one ormore application programs, such as the application programs describedherein. Computing device 1900 can be any of a wide variety of computingdevices, such as a desktop computer, a notebook computer, a servercomputer, a handheld computer, tablet computer and the like.

Computing device 1900 includes one or more processor(s) 1902, one ormore memory device(s) 1904, one or more interface(s) 1906, one or moremass storage device(s) 1908, one or more Input/Output (I/O) device(s)1910, and a display device 1930 all of which are coupled to a bus 1912.Processor(s) 1902 include one or more processors or controllers thatexecute instructions stored in memory device(s) 1904 and/or mass storagedevice(s) 1908. Processor(s) 1902 may also include various types ofcomputer-readable media, such as cache memory.

Memory device(s) 1904 include various computer-readable media, such asvolatile memory (e.g., random access memory (RAM) 1914) and/ornonvolatile memory (e.g., read-only memory (ROM) 1916). Memory device(s)1904 may also include rewritable ROM, such as Flash memory.

Mass storage device(s) 1908 include various computer readable media,such as magnetic tapes, magnetic disks, optical disks, solid-statememory (e.g., Flash memory), and so forth. As shown in FIG. 19, aparticular mass storage device is a hard disk drive 1924. Various drivesmay also be included in mass storage device(s) 1908 to enable readingfrom and/or writing to the various computer readable media. Mass storagedevice(s) 1908 include removable media 1926 and/or non-removable media.

I/O device(s) 1910 include various devices that allow data and/or otherinformation to be input to or retrieved from computing device 1900.Example I/O device(s) 1910 include cursor control devices, keyboards,keypads, microphones, monitors or other display devices, speakers,printers, network interface cards, modems, lenses, CCDs or other imagecapture devices, and the like.

Display device 1930 includes any type of device capable of displayinginformation to one or more users of computing device 1900. Examples ofdisplay device 1930 include a monitor, display terminal, videoprojection device, and the like.

Interface(s) 1906 include various interfaces that allow computing device1900 to interact with other systems, devices, or computing environments.Example interface(s) 1906 include any number of different networkinterfaces 1920, such as interfaces to local area networks (LANs), widearea networks (WANs), wireless networks, and the Internet. Otherinterface(s) include user interface 1918 and peripheral device interface1922. The interface(s) 1906 may also include one or more user interfaceelements 1918. The interface(s) 1906 may also include one or moreperipheral interfaces such as interfaces for printers, pointing devices(mice, track pad, etc.), keyboards, and the like.

Bus 1912 allows processor(s) 1902, memory device(s) 1904, interface(s)1906, mass storage device(s) 1908, and I/O device(s) 1910 to communicatewith one another, as well as other devices or components coupled to bus1912. Bus 1912 represents one or more of several types of busstructures, such as a system bus, PCI bus, IEEE 1394 bus, USB bus, andso forth.

For purposes of illustration, programs and other executable programcomponents are shown herein as discrete blocks, although it isunderstood that such programs and components may reside at various timesin different storage components of computing device 1900, and areexecuted by processor(s) 1902. Alternatively, the systems and proceduresdescribed herein can be implemented in hardware, or a combination ofhardware, software, and/or firmware. For example, one or moreapplication specific integrated circuits (ASICs) can be programmed tocarry out one or more of the systems and procedures described herein.

1. A system comprising: a plurality of disaggregated network elementscoupled by a network and not coupled to one another by a commonbackplane of a chassis; and a control element coupled to the pluralityof disaggregated network elements; a route processor executing on thecontrol element and programmed to: create virtual interfaces for eachelement of leaf elements included in the plurality of disaggregatednetwork elements in an operating system of the control element.
 2. Thesystem of claim 1, wherein the operating system is a LINUX operatingsystem and the virtual interfaces are LINUX interfaces.
 3. The system ofclaim 1, wherein the route processor is further programmed to: assign avirtual local area network (VLAN) tag to each front panel interface of aplurality of front panel interfaces of the leaf elements.
 4. The systemof claim 3, wherein a first leaf element of the leaf elements is furtherprogrammed to: receive a packet on a first front panel interface of thefirst leaf element; tag the packet with the VLAN tag of a second frontpanel interface of a second leaf element of the leaf elements to obtaina tagged packet; and transmit the tagged packet over the network to thesecond leaf element.
 5. The system of claim 4, wherein the second leafelement is programmed to: forward the tagged packet to the controlelement; and wherein the control element is further programmed to:identify a virtual interface of the virtual interfaces to which the VLANtag of the tagged packet is assigned; strip the VLAN tag from the taggedpacket to obtain a stripped packet; and input the stripped packet to thevirtual interface to which the VLAN tag of the tagged packet isassigned.
 6. The system of claim 1, wherein the control element isprogrammed to: receive a packet from an application; look up a VLAN tagof a first interface of a first leaf element of the leaf elements; tagthe packet with the VLAN tag to obtain a tagged packet; inject thetagged packet to a second interface of a second leaf element of the leafelements.
 7. The system of claim 6, wherein the first leaf element isprogrammed to: receive the tagged packet from the second leaf elementover the network; strip the VLAN tag from the tagged packet to obtain astripped packet; and output the stripped packet from a front panelinterface of the first leaf element corresponding to the VLAN tag. 8.The system of claim 1, wherein the control element is a computer systemexternal to the plurality of disaggregated network elements.
 9. Thesystem of claim 1, wherein the plurality of disaggregated networkelements and the network implement a self-routing network fabric. 10.The system of claim 9, wherein the self-routing network fabricimplements routing protocols.
 11. The system of claim 10, wherein theplurality of disaggregated network elements further include a pluralityof spine elements coupled to back panel ports of a plurality of leafelements.
 12. The system of claim 11, wherein the plurality of spineelements comprise RAMON silicon devices and the plurality of leafelements comprise JERICHO-2 silicon devices.
 13. A method comprising:providing a plurality of disaggregated network elements coupled by anetwork and not coupled to one another by a common backplane of achassis; and providing a control element coupled to the plurality ofdisaggregated network elements; creating, by the control element,virtual interfaces for each element of leaf elements included in theplurality of disaggregated network elements in an operating system ofthe control element.
 14. The method of claim 13, further comprising:assigning, by the control element, a virtual local area network (VLAN)tag to each front panel interface of a plurality of front panelinterfaces of the leaf elements to associate the each front panelinterface with one of the virtual interfaces.
 15. The method of claim13, further comprising performing, by a first leaf element of the leafelements: receiving a packet on a first front panel interface of thefirst leaf element; tagging the packet with the VLAN tag of a secondfront panel interface of a second leaf element of the leaf elements toobtain a tagged packet; and transmitting the tagged packet over thenetwork to the second leaf element.
 16. The method of claim 15, furthercomprising: forwarding, by the second leaf element, the tagged packet tothe control element; and performing, by the control element: identifyinga virtual interface of the virtual interfaces to which the VLAN tag ofthe tagged packet is assigned; stripping the VLAN tag from the taggedpacket to obtain a stripped packet; and inputting the stripped packet tothe virtual interface to which the VLAN tag of the tagged packet isassociated.
 17. The method of claim 13, further comprising performing,by the control element: receiving a packet from an application; lookingup a VLAN tag of a first interface of a first leaf element of the leafelements; tagging the packet with the VLAN tag to obtain a taggedpacket; injecting the tagged packet to a second interface of a secondleaf element of the leaf elements.
 18. The method of claim 17, furthercomprising performing, by the first leaf element: receiving the taggedpacket from the second leaf element over the network stripping the VLANtag from the tagged packet to obtain a stripped packet; and outputtingthe stripped packet from a front panel interface of the first leafelement corresponding to the VLAN tag.
 19. The method of claim 13,wherein the control element is a computer system external to theplurality of disaggregated network elements.
 20. The method of claim 13,wherein the plurality of disaggregated network elements and the networkimplement a self-routing network fabric.